Overview
| SHA1 Hash: | 77bdac3b195d12f7e0f8fdd12cf9313cd4008559 |
|---|---|
| Date: | 2008-11-22 18:16:57 |
| User: | drh |
| Comment: | Use colored bullets to indicate the privileges of "nobody", "anonymous", and "developer" on the user edit page. |
| Timelines: | ancestors | descendants | both | trunk |
| Other Links: | files | ZIP archive | manifest |
Tags And Properties
- branch=trunk inherited from [a28c83647d]
- sym-trunk inherited from [a28c83647d]
Changes
[hide diffs]Modified src/setup.c from [a19953c05f] to [22cb07cc7a].
@@ -200,14 +200,10 @@
@ <li><p>
@ Users with privilege <b>v</b> inherit the combined privileges of
@ <b>developer</b>, <b>anonymous</b>, and <b>nobody</b>.
@ </p></li>
@
- @ <li><p>
- @ A blank password disables login for a user.
- @ </p></li>
- @
@ </ol>
@ </td></tr></table>
style_footer();
}
@@ -231,10 +227,11 @@
void user_edit(void){
const char *zId, *zLogin, *zInfo, *zCap, *zPw;
char *oaa, *oas, *oar, *oaw, *oan, *oai, *oaj, *oao, *oap;
char *oak, *oad, *oac, *oaf, *oam, *oah, *oag, *oae;
char *oat, *oav, *oaz;
+ const char *inherit[128];
int doWrite;
int uid;
int higherUser = 0; /* True if user being edited is SETUP and the */
/* user doing the editing is ADMIN. Disallow editing */
@@ -368,10 +365,37 @@
if( strchr(zCap, 'v') ) oav = " checked";
if( strchr(zCap, 'w') ) oaw = " checked";
if( strchr(zCap, 'z') ) oaz = " checked";
}
+ /* figure out inherited permissions */
+ memset(inherit, 0, sizeof(inherit));
+ if( strcmp(zLogin, "developer") ){
+ char *z1, *z2;
+ z1 = z2 = db_text("","SELECT cap FROM user WHERE login='developer'");
+ while( *z1 ){
+ inherit[0x7f & *(z1++)] = "<font color=\"red\">•</font>";
+ }
+ free(z2);
+ }
+ if( strcmp(zLogin, "anonymous") ){
+ char *z1, *z2;
+ z1 = z2 = db_text("","SELECT cap FROM user WHERE login='anonymous'");
+ while( *z1 ){
+ inherit[0x7f & *(z1++)] = "<font color=\"blue\">•</font>";
+ }
+ free(z2);
+ }
+ if( strcmp(zLogin, "nobody") ){
+ char *z1, *z2;
+ z1 = z2 = db_text("","SELECT cap FROM user WHERE login='nobody'");
+ while( *z1 ){
+ inherit[0x7f & *(z1++)] = "<font color=\"green\">•</font>";
+ }
+ free(z2);
+ }
+
/* Begin generating the page
*/
style_submenu_element("Cancel", "Cancel", "setup_ulist");
if( uid ){
style_header(mprintf("Edit User %h", zLogin));
@@ -399,32 +423,33 @@
@ <td><input type="text" name="info" size=40 value="%h(zInfo)"></td>
@ </tr>
@ <tr>
@ <td align="right" valign="top">Capabilities:</td>
@ <td>
+#define B(x) inherit[x]
if( g.okSetup ){
- @ <input type="checkbox" name="as"%s(oas)>Setup</input><br>
- }
- @ <input type="checkbox" name="aa"%s(oaa)>Admin</input><br>
- @ <input type="checkbox" name="ad"%s(oad)>Delete</input><br>
- @ <input type="checkbox" name="ae"%s(oad)>Email</input><br>
- @ <input type="checkbox" name="ap"%s(oap)>Password</input><br>
- @ <input type="checkbox" name="ai"%s(oai)>Check-In</input><br>
- @ <input type="checkbox" name="ao"%s(oao)>Check-Out</input><br>
- @ <input type="checkbox" name="ah"%s(oah)>History</input><br>
- @ <input type="checkbox" name="av"%s(oav)>Developer</input><br>
- @ <input type="checkbox" name="ag"%s(oag)>Clone</input><br>
- @ <input type="checkbox" name="aj"%s(oaj)>Read Wiki</input><br>
- @ <input type="checkbox" name="af"%s(oaf)>New Wiki</input><br>
- @ <input type="checkbox" name="am"%s(oam)>Append Wiki</input><br>
- @ <input type="checkbox" name="ak"%s(oak)>Write Wiki</input><br>
- @ <input type="checkbox" name="ar"%s(oar)>Read Tkt</input><br>
- @ <input type="checkbox" name="an"%s(oan)>New Tkt</input><br>
- @ <input type="checkbox" name="ac"%s(oac)>Append Tkt</input><br>
- @ <input type="checkbox" name="aw"%s(oaw)>Write Tkt</input><br>
- @ <input type="checkbox" name="at"%s(oat)>Tkt Report</input><br>
- @ <input type="checkbox" name="az"%s(oaz)>Download Zip</input>
+ @ <input type="checkbox" name="as"%s(oas)>%s(B('s'))Setup</input><br>
+ }
+ @ <input type="checkbox" name="aa"%s(oaa)>%s(B('a'))Admin</input><br>
+ @ <input type="checkbox" name="ad"%s(oad)>%s(B('d'))Delete</input><br>
+ @ <input type="checkbox" name="ae"%s(oae)>%s(B('e'))Email</input><br>
+ @ <input type="checkbox" name="ap"%s(oap)>%s(B('p'))Password</input><br>
+ @ <input type="checkbox" name="ai"%s(oai)>%s(B('i'))Check-In</input><br>
+ @ <input type="checkbox" name="ao"%s(oao)>%s(B('o'))Check-Out</input><br>
+ @ <input type="checkbox" name="ah"%s(oah)>%s(B('h'))History</input><br>
+ @ <input type="checkbox" name="av"%s(oav)>%s(B('v'))Developer</input><br>
+ @ <input type="checkbox" name="ag"%s(oag)>%s(B('g'))Clone</input><br>
+ @ <input type="checkbox" name="aj"%s(oaj)>%s(B('j'))Read Wiki</input><br>
+ @ <input type="checkbox" name="af"%s(oaf)>%s(B('f'))New Wiki</input><br>
+ @ <input type="checkbox" name="am"%s(oam)>%s(B('m'))Append Wiki</input><br>
+ @ <input type="checkbox" name="ak"%s(oak)>%s(B('k'))Write Wiki</input><br>
+ @ <input type="checkbox" name="ar"%s(oar)>%s(B('r'))Read Tkt</input><br>
+ @ <input type="checkbox" name="an"%s(oan)>%s(B('n'))New Tkt</input><br>
+ @ <input type="checkbox" name="ac"%s(oac)>%s(B('c'))Append Tkt</input><br>
+ @ <input type="checkbox" name="aw"%s(oaw)>%s(B('w'))Write Tkt</input><br>
+ @ <input type="checkbox" name="at"%s(oat)>%s(B('t'))Tkt Report</input><br>
+ @ <input type="checkbox" name="az"%s(oaz)>%s(B('z'))Download Zip</input>
@ </td>
@ </tr>
@ <tr>
@ <td align="right">Password:</td>
if( strcmp(zLogin, "anonymous")==0 ){
@@ -452,16 +477,32 @@
@ User %h(zLogin) has Setup privileges and you only have Admin privileges
@ so you are not permitted to make changes to %h(zLogin).
@ </b></font></p></li>
@
}
- @
@ <li><p>
@ The <b>Setup</b> user can make arbitrary configuration changes.
@ An <b>Admin</b> user can add other users and change user privileges
@ and reset user passwords. Both automatically get all other privileges
@ listed below. Use these two settings with discretion.
+ @ </p></li>
+ @
+ @ <li><p>
+ @ The "<font color="green"><big>•</big></font>" mark indicates
+ @ the privileges of "nobody" that are available to all users
+ @ regardless of whether or not they are logged in.
+ @ </p></li>
+ @
+ @ <li><p>
+ @ The "<font color="blue"><big>•</big></font>" mark indicates
+ @ the privileges of "anonymous" that are inherited by all logged-in users.
+ @ </p></li>
+ @
+ @ <li><p>
+ @ The "<font color="red"><big>•</big></font>" mark indicates
+ @ the privileges of "developer" that are inherited by all users with
+ @ the <b>Developer</b> privilege.
@ </p></li>
@
@ <li><p>
@ The <b>Delete</b> privilege give the user the ability to erase
@ wiki, tickets, and attachments that have been added by anonymous
@@ -476,21 +517,16 @@
@ user "nobody" to avoid problems with spiders trying to walk every
@ historical version of every baseline and file.
@ </p></li>
@
@ <li><p>
- @ The <b>Zip</b> privilege allows a user to see the download as zip hyperlink
- @ as well as permit access to the <tt>/zip</tt> page. It can be allowed for
- @ user "nobody" to grant him access to download artifacts he know from the
- @ server without giving him other rights like <b>Read</b> or <b>History</b>.
- @ So automatic package dowloaders could be able to obtain the sources without
- @ going thru the login procedure.
- @ </p></li>
- @
- @ <li><p>
- @ The <b>Developer</b> privilege causes all privileges of the user
- @ named "developer" to be inherited by this user.
+ @ The <b>Zip</b> privilege allows a user to see the "download as ZIP"
+ @ hyperlink and permits access to the <tt>/zip</tt> page. This allows
+ @ users to download ZIP archives without granting other rights like
+ @ <b>Read</b> or <b>History</b>. This privilege is recommended for
+ @ user <b>nobody</b> so that automatic package downloaders can obtain
+ @ the sources without going through the login procedure.
@ </p></li>
@
@ <li><p>
@ The <b>Check-in</b> privilege allows remote users to "push".
@ The <b>Check-out</b> privilege allows remote users to "pull".
@@ -513,11 +549,12 @@
@ </p></li>
@
@ <li><p>
@ The <b>EMail</b> privilege allows the display of sensitive information
@ such as the email address of users and contact information on tickets.
- @ Recommended OFF for "anonymous" and for "nobody".
+ @ Recommended OFF for "anonymous" and for "nobody" but ON for
+ @ "developer".
@ </p></li>
@
@ <li><p>
@ Login is prohibited if the password is an empty string.
@ </p></li>